In message <199608191458.KAA11299@jekyll.piermont.com>, "Perry E. Metzger" writ
es:
>I'd say that an fgrep for strcpy, sprintf and a few others might get
>about 90% of the bugs...
Add strcat...
A quick vgrep for character buffers on the stack in SUID programs
wouldn't hurt either :) (for closer inspection.....)
(vgrep=visual grep)